﻿using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Web.Security;
using YAF.Classes;
using YAF.Core;
using YAF.Types.Interfaces;
using YAF.Types.EventProxies;
using YAF.Providers.Roles;

public partial class admin_Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["message"] != null && Session["message"] != "")
        {
            ContentPlaceHolder1.Controls.Add(new LiteralControl("<span class='" + Session["message_type_css"].ToString() + "'>"
                    + Session["message"].ToString() + "</span>"));
            Session["message"] = null;
            Session["message_type_css"] = null;
        }
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (tbPassword.Text != "" && tbPassword.Text != "")
        {
            using (SqlConnection conn = new SqlConnection(DAO.Connection.CONN_STRING1))
            {
                conn.Open();
                using (SqlCommand cmd = new SqlCommand("SP_GetUser", conn))
                {
                    cmd.CommandType = System.Data.CommandType.StoredProcedure;
                    SqlParameter[] pars = new SqlParameter[2];
                    cmd.Parameters.Add(new SqlParameter("username", tbUsername.Text));
                    cmd.Parameters.Add(new SqlParameter("password", DAO.CodeFactory.CalcMD5String(tbPassword.Text)));

                    SqlDataReader dr = null;
                    dr = cmd.ExecuteReader();
                    if (dr != null)
                    {
                        if (dr.HasRows)
                        {
                            long userid = -1;
                            if (dr.Read())
                            {
                                string type = dr["userType"].ToString();
                                if (type == "admin")
                                {
                                    ForumPage currentPage = new ForumPageRegistered();
									YafContext PageContext = currentPage.PageContext;
									bool booResult = PageContext.Get<MembershipProvider>().ValidateUser(tbUsername.Text.Trim(),dr["orig_pass"].ToString());

									FormsAuthentication.SetAuthCookie("2;1;Administrator", true);

									FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, tbUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false, "", "/");
									string strEncTicket = FormsAuthentication.Encrypt(ticket);
									if (Request.Cookies["texchange"] != null)
									{
										HttpCookie c = Request.Cookies["texchange"];
										c.Expires = DateTime.Now.AddDays(-1);
										HttpContext.Current.Response.Cookies.Add(c);

									}
									HttpCookie authCookie = new HttpCookie("texchange", strEncTicket);
                                    authCookie["type"] = DAO.GlobalSettings.Encrypt(dr["userType"].ToString());
									authCookie["logged"] = DAO.GlobalSettings.Encrypt("true");
									authCookie["admin_id"] = DAO.GlobalSettings.Encrypt(dr["id"].ToString());
									authCookie["name"] = DAO.GlobalSettings.Encrypt(dr["Name"].ToString());
									authCookie["lastlogin"] = DAO.GlobalSettings.Encrypt(dr["lastLogin"].ToString());
									authCookie["cid"] = DAO.GlobalSettings.Encrypt(dr["company_id"].ToString());
									//cookie.Value = DateTime.Now.ToString();
									authCookie.Expires = DateTime.Now.AddDays(999);
									//authCookie.Domain = "transportexchange.org";
									authCookie.Path = "/";

									HttpContext.Current.Response.Cookies.Add(authCookie);
                                    Int64.TryParse(dr["id"].ToString(), out userid);
                                }
                                else Response.Redirect("~/admin/Login.aspx");
                            }
                            DAO.UsersFactory.UpdateLastLogInTime(userid);
                            Response.Redirect("~/admin/Default.aspx");
                        }
                        else
                        {
                            Session["message"] = "Invalid username or password";
                            Session["message_type_css"] = "par_message_error";
                            Response.Redirect("~/admin/Login.aspx");
                        }
                    }
                    if (dr != null && !dr.IsClosed) dr.Close();
                }
            }
        }
    }
}
